Deploying the SGD Gateway
This section describes the following SGD Gateway deployment scenarios:
Basic Deployment
This section describes the configuration tasks for a basic deployment of the SGD
Gateway.
A basic deployment uses a single SGD Gateway, as shown in
Basic Deployment Using a Single SGD Gateway.
Figure 2-1 Basic Deployment Using a Single SGD Gateway
Configuring a basic deployment involves configuring the connections shown in
Connections For a Basic Deployment of the SGD Gateway.
Table 2-1 Connections For a Basic Deployment of the SGD Gateway
|
|
Client device
to SGD Gateway |
|
SGD Gateway to SGD servers |
- Enable SGD security services for the array.
The SGD servers must be running in secure mode. Firewall forwarding must not be enabled. See “Secure Connections to SGD Servers ” in Chapter 1 of the Oracle Secure Global Desktop 4.6 Administration Guide for details of how to do this.
On the SGD Gateway, install security certificates for the SGD servers. Use the gateway server command to import CA certificates and SSL certificates for the SGD servers in the array into the SGD Gateway keystore. See How to Install SGD Server Certificates.
Set up the SGD servers in the array to use the SGD Gateway. Install the SGD Gateway certificate on the SGD array, and use the tarantella gateway add command to register the SGD Gateway with the SGD array. See How to Install SGD Gateway Certificates on the SGD Array.
Configure which SGD Client connections can use the SGD Gateway. See How to Configure SGD Client Connections.
|
|
Load-Balanced Deployment
This section describes the configuration tasks for a load-balanced deployment of SGD Gateway.
A load-balanced deployment uses multiple SGD Gateways and a load balancer as the
network entry point, as shown in
Network Deployment Using Multiple SGD Gateways and a Load Balancer.
Figure 2-2 Network Deployment Using Multiple SGD Gateways and a Load Balancer
Configuring a load-balanced deployment involves configuring the connections shown in
Connections For a Basic Deployment of the SGD Gateway.
Table 2-2 Connections For a Load-Balanced Deployment of the SGD Gateway
|
|
Client device
to load balancer |
- Enable incoming connections from client devices.
Typically, this uses Transmission Control Protocol (TCP) port 443. See your load balancer documentation for details of how to do this.
(Optional) On the load balancer, install the SSL certificate used by the SGD Gateways for client connections. See your load balancer documentation for details of how to do this.
|
Load balancer to SGD Gateway |
|
SGD Gateway to SGD servers |
- Enable SGD security services for the SGD array.
The SGD servers must be running in secure mode. Firewall forwarding must not be enabled. See “Secure Connections to SGD Servers ” in Chapter 1 of the Oracle Secure Global Desktop 4.6 Administration Guide for details of how to do this.
On the SGD Gateway, install security certificates for the SGD servers. Use the gateway server command to import CA certificates and SSL certificates for the SGD servers in the array into the SGD Gateway keystore. See How to Install SGD Server Certificates.
Set up the SGD servers in the array to use the SGD Gateways. Install SGD Gateway certificates on the SGD array, and use the tarantella gateway add command to register the SGD Gateways with the SGD array. See How to Install SGD Gateway Certificates on the SGD Array.
Configure which SGD Client connections can use the SGD Gateways. See How to Configure SGD Client Connections.
|
|